This course covers custom tool development for offensive security campaigns at the user, kernel and hypervisor levels. Write your own custom code in Rust from scratch, covering both the high-level design of our code to complete guided walkthroughs of our custom code development process, including our own Rust-based COFF loaders, anti-EDR modules, C2 server and agents, kernel rootkits, hypervisor implants and more.
At completion of the training, you will be competent in programming your own framework for red team exercises, including custom C2 & implant development leveraging secure communications & extensibility via modules.
You will also have experience developing custom post-exploitation modules to dump memory and perform common post-exploitation tasks while bypassing/evading EDRs and securely exfiltrating data over encrypted comms to prevent privacy or security risks during offensive operations.
You will also have experience with certain advanced techniques used by the particularly skilled APT groups (e.g. blue-pill hypervisors, finding & exploiting quick 0-days for privilege escalation).
Syllabus
- Core C2 Framework Internals
-
C2 & Implant Relationship
-
Operational Concerns
-
Methods of Communication
-
Implant Functionality
-
Extensibility via Modules
-
Examining Public C2s
-
-
Creating our C2 (Design & Dev)
-
Rust
-
Core Functionality Development
-
Adding Extensibility
-
System Profiling & Stealth
-
Runtime Module Loading
-
- Module Development
-
Process Migration
-
Persistence & Lateral Movement
-
Advanced EDR Evasion
-
Reversing / Analysis Evasion
-
Loading Kernel Rootkits
-
-
Kernel & Hypervisor Techniques
-
Advanced Rootkit Techniques
-
Hypervisor Theory
-
Creating a Blue-Pill Hypervisor in Rust
-
